package com.kyrioscraft.cloud.security.securitymoblie.authentication.social;

import com.kyrioscraft.cloud.security.securitymoblie.authentication.MyUserDetailsService;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.security.SocialUserDetailsService;

import java.util.HashSet;
import java.util.Set;

/**
 * @Author kyrioscraft
 * @Date 2018/12/27 10:56
 * @Description //TODO
 **/
public class OpenIdAuthenticationProvider implements AuthenticationProvider{

    private SocialUserDetailsService socialUserDetailsService;

    private UsersConnectionRepository usersConnectionRepository;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        OpenIdAuthenticationToken token = (OpenIdAuthenticationToken)authentication;
        Set<String> providerUserIds = new HashSet<>();
        providerUserIds.add((String) token.getPrincipal());
        Set<String> userIds = usersConnectionRepository.findUserIdsConnectedTo(token.getProviderId(),providerUserIds);
        if (CollectionUtils.isEmpty(userIds)){
            throw new InternalAuthenticationServiceException("无法获取到用户信息");
        }
        String userId = userIds.iterator().next();

        UserDetails user = socialUserDetailsService.loadUserByUserId(userId);
        if(user == null) {
            throw new InternalAuthenticationServiceException("无法获取到用户信息");
        }
        OpenIdAuthenticationToken authenticationResult = new OpenIdAuthenticationToken(user, user.getAuthorities());
        authenticationResult.setDetails(token.getDetails());
        return authenticationResult;
    }

    /**
     *  ProviderManager 实现 AuthenticationManager 通过
     *  if (provider.supports(toTest)) 从provider实例集合中查找出合适的Provider
     */
    @Override
    public boolean supports(Class<?> aClass) {
        return OpenIdAuthenticationToken.class.isAssignableFrom(aClass);
    }

    public SocialUserDetailsService getSocialUserDetailsService() {
        return socialUserDetailsService;
    }

    public void setSocialUserDetailsService(SocialUserDetailsService socialUserDetailsService) {
        this.socialUserDetailsService = socialUserDetailsService;
    }

    public UsersConnectionRepository getUsersConnectionRepository() {
        return usersConnectionRepository;
    }

    public void setUsersConnectionRepository(UsersConnectionRepository usersConnectionRepository) {
        this.usersConnectionRepository = usersConnectionRepository;
    }
}
